Open JulesTriomphe opened 4 years ago
Could you provide english error message (e. g. use browser with english language) and request flow from the browser network console (blind guess: there is many redirects between app and idp).
There are indeed many redirects between the app and the IdP. HAR file is attached : auth.whoami.example.com.txt Here is the error message from Chrome (in English) :
Thanks a lot for your help !
does it work in Firefox?
I've noticed the same behaviour in Chrome but it works in Firefox
Chrome is blocking set cookie as the cookie is marked as secure but sent via http
It does not work in Firefox either (cf. the first screenshot). The error message says the request is not redirected correctly. It suggests that the problem is a cookie problem.
Does louketo-proxy support forward auth? There are other merge requests claiming to add support for it which have not been merged.
Configuration for Traefik ForwardAuth
Summary
I'm running Keycloak, Louketo, Traefik and a WhoAmI container in docker swarm. After configuring everything, I am able to authenticate with my IdP (Keycloak), but there is a redirection error, so I am unable to access the WhoAmI container.
Environment
Docker version 19.03.12, build 48a66213f docker-compose version 1.24.0, build 0aa59064 Keycloak : quay.io/keycloak/keycloak:latest Louketo : quay.io/louketo/louketo-proxy:1.0.0 Traefik : traefik:v2.2 WhoAmI : containous/whoami:v1.3.0
Expected Results
I expect to be able to access my WhoAmI container.
Actual Results
(It means the redirection is wrong. I checked, and if it is a cookie problem, it is not coming from the browser.)
Steps to reproduce
Traefik configuration (proxy.yml)
WhoAmI configuration (whoami.yml)
Proxy configuration (auth_conf.yml)
Additional Information
I have tried using the internal names of the auth and app containers for the WhoAmI stack as the upstream and redirection URLs, without success.